WazirX is one of India's leading cryptocurrency exchanges, facilitating the trading of various cryptocurrencies within the blockchain ecosystem. Recently, WazirX experienced a significant security breach resulting in the theft of approximately $235 million worth of assets. The breach was primarily due to the compromise of their Safe multisig wallet, which attackers exploited to drain the funds.
Behind the Breach
The breach was caused via WazirX’s Safe multisig wallet compromise. The attackers didn't exploit any vulnerability in the wallet itself but went after the human element and compromised the four private keys, including two obtained via phishing. This allowed them to upgrade the multisig wallet to a malicious version, facilitating the transfer of the stolen assets.
Lessons from the Incident
You are only as strong as your weakest link, rather than exploiting a technical vulnerability attachers exploited the human behaviour via a coordinated phishing attack.
The following security controls can help you protect your keys better from these kinds of attacks:
Enhanced Key Management: Implement stricter controls over private key management, including hardware security modules (HSMs) and multi-factor authentication (MFA) for accessing keys.
Phishing Awareness and Training: Regularly educate and train employees on phishing attacks and implement robust email security solutions to prevent phishing attempts from being successful.
Rivanorth is a boutique Web3 cybersecurity company. We specialise in smart contract audits and 360 degree security services for Web3. Visit rivanorth.com to find out more.
You build the future. We help you secure it.